Azure AD Join Failed [Error Code: 80070002]

  • Question

  • Afternoon All,

    This is the first time I've seen this issue and I'm a little lost. I'm trying to join a user's device to Azure Active Directory using the standard procedure (Settings > Accounts > Access work or school > Connect > Join this device to Azure Active Directory) and also tried to just register the device, all of which come back with the following error...

    The device is Windows 10 Pro, I updated it and tried again but the error is still the same. I pulled a copy of the event logs for User Device Registration and Device Management and...

    The Device Management logs show...

    [20/04/2020 7:42:19 PM] [INFORMATION] - MDM Enroll: Certificate enrollment request sent successfully.
    
    [20/04/2020 7:42:19 PM] [ERROR] - MDM Enroll: Server Returned Fault/Code/Subcode/Value=(a:FailedAuthentication) Fault/Reason/Text=(Call ID: 99fb2b84-4f3c-457a-9106-b5213ef86a73.).
    
    [20/04/2020 7:42:19 PM] [ERROR] - MDM Enroll: Failed to receive or parse certificate enroll response. Result: (Unknown Win32 Error code: 0x80180002).
    
    [20/04/2020 7:42:19 PM] [ERROR] - MDM Enroll: Failed (Unknown Win32 Error code: 0x80180002)

    and the User Device Registration logs show...

    [20/04/2020 7:45:14 PM] [INFORMATION] - The join request was successfully sent to server. Inputs:
    AuthToken: <NULL>
    
    [20/04/2020 7:45:15 PM] [INFORMATION] - The get join response operation callback was successful. 
    Activity Id: XXXXXXXX-XXXXXXXXX-XXXXXXXXXX-XXXXXXXX
    Server response was: {"AttestationResult":{"KeyId":"XXXXXXXX-XXXXXX-XXXXXXX-XXXXXXX"}}
    
    [20/04/2020 7:45:15 PM] [INFORMATION] - The registration status has been successfully cleared from the device. 
    Join type: 9 (WORKPLACE_UNJOIN) 
    Tenant ID: XXXXXXXXXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX
    UPN: XXXXXX@XXXXXXX.XXXXX.XXXX
    
    [21/04/2020 3:11:26 PM] [WARNING] - Windows Hello for Business provisioning will not be launched. 
    Device is AAD joined ( AADJ or DJ++ ): No 
    User has logged on with AAD credentials: No 
    Windows Hello for Business policy is enabled: No 
    Windows Hello for Business post-logon provisioning is enabled: Yes 
    Local computer meets Windows hello for business hardware requirements: Yes 
    User is not connected to the machine via Remote Desktop: Yes 
    User certificate for on premise auth policy is enabled: No 
    Machine is governed by none policy. 
    See https://go.microsoft.com/fwlink/?linkid=832647 for more details.

    It mentions some authentication issues but I've already confirmed the login is correct. I've tried what I can to fix the issue but it's not budging. Any help is greatly appreciated. Thanks in advance.

    Tuesday, April 21, 2020 6:14 AM

All replies

  • This seems to be an issue with corrupt or broken system files.

    I suggest you follow the steps below and see if it helps:

    Run System File Checker

    System File Checker determines whether the issues you are experiencing on your computer are caused by one or more system files.

    You can refer to the following Microsoft article to repair corrupt files using the SFC tool: "Use the System File Checker tool to repair missing or corrupted system files".

    Tuesday, April 21, 2020 12:28 PM
  • Hi Akshay M,

    Although this was done on a fresh install of Windows 10, I did do a sfc /scannow, but there was no change when I tried to join again; the error was exactly the same.

    Wednesday, April 22, 2020 9:59 PM
  • Just an additional note, I've now seen this happening on more than one device and the error is exactly the same.
    Friday, May 8, 2020 1:38 AM
  • Did you ever find a solution to this? I am seeing this error as well.
    Monday, June 8, 2020 1:00 PM
  • Any idea how to fix this issue? Multiple clients have this now
    Wednesday, June 24, 2020 7:27 AM
  • Hello,

    Got same here, troubleshooting.

    Wednesday, June 24, 2020 12:18 PM
  • Hello,

    Just found reason and solution for our case:

    1. User used Forti client/VPN client

    2. This disabled and stopped DNS service - so please check on your side if DNS service is up and running

    3. After removing Forti, DNS was still disabled and not started, applied fix via registry

    4. After reboot and retry all worked well

    Wednesday, June 24, 2020 1:29 PM
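
The check described in the last reply, as an added read-only PowerShell example that is not part of any post in the thread. It assumes the "DNS service" mentioned there is the Windows DNS Client service (`Dnscache`); the two hostnames are the public Azure AD sign-in and device registration endpoints, and nothing in the script changes the system.

```powershell
# Added diagnostic example, read-only. Run in an elevated PowerShell prompt.
# Assumption: the "DNS service" in the reply is the Windows DNS Client service (Dnscache).
$svcName = 'Dnscache'
$regPath = "HKLM:\SYSTEM\CurrentControlSet\Services\$svcName"

# Service state as reported by the Service Control Manager.
$svc = Get-Service -Name $svcName

# Start type as stored in the registry: 2 = Automatic, 3 = Manual, 4 = Disabled.
$start = [int](Get-ItemProperty -Path $regPath -Name Start).Start
$startNames = @{ 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }
$startName = $startNames[$start]
if (-not $startName) { $startName = "Other ($start)" }

[pscustomobject]@{
    Service   = $svcName
    Status    = $svc.Status
    StartType = $startName
} | Format-List

# Name resolution for the endpoints contacted during Azure AD join and registration.
$endpoints = 'login.microsoftonline.com', 'enterpriseregistration.windows.net'
$results = foreach ($name in $endpoints) {
    try {
        $records = Resolve-DnsName -Name $name -Type A -ErrorAction Stop
        $firstIp = ($records | Where-Object IPAddress | Select-Object -First 1).IPAddress
        [pscustomobject]@{ Name = $name; Resolved = $true; Detail = $firstIp }
    } catch {
        [pscustomobject]@{ Name = $name; Resolved = $false; Detail = $_.Exception.Message }
    }
}
$results | Format-Table -AutoSize

# Flag the condition the reply describes: service stopped or disabled after VPN client removal.
if ($svc.Status -ne 'Running' -or $start -eq 4) {
    Write-Warning "$svcName is $($svc.Status) with start type '$startName'; join and registration need working name resolution."
}

# Current join state of the device, for comparison before and after any fix.
dsregcmd /status | Select-String -Pattern 'AzureAdJoined', 'WorkplaceJoined', 'TenantName'
```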